node.js mqtt client using TLS
Question
I am trying to implement a node.js mqtt client with TLS using the package below;
https://www.npmjs.com/package/mqtt#client
The code for running mqtt client without TLS is as follows;
var mqtt = require('mqtt')
var client = mqtt.connect('mqtt://test.mosquitto.org')
client.on('connect', function () {
client.subscribe('presence')
client.publish('presence', 'Hello mqtt')
})
client.on('message', function (topic, message) {
// message is Buffer
console.log(message.toString())
client.end()
})
How should the above code be modified to use TLS on the mqtt client?
The mosca MQTT broker was run as a stand-alone using the command below;
mosca --key ./tls-key.pem --cert ./tls-cert.pem --http-port 3000 --http-bundle --http-static ./ | pino
2 answers
solution1
5 ACCPTED 2016-10-13 11:19:27
Should be enough to change the protocol part of the URL to mqtts://
mqtts://test.mosquitto.org .
Self-signed certificates
You can pass the following option to the connect function when using self-signed certificates (for testing purposes only):
mqtt.connect('mqtts://test.mosquitto.org', {
rejectUnauthorized: false
});
solution2
5 2016-10-13 11:24:51
You need to provide the mqtt.connect() function with an options object which includes the CA certificate to use to verify the connection.
The options object needs to include a ca key that points to the certificate used to sign the brokers certificate. As it looks like your using a self signed certificate this will be the same one used by the broker.
The ca key is described here
Or you can allow any certificate with the rejectUnauthorized key as mentioned in @notion's answer. But that makes it impossible to detect if somebody is impersonating your broker
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.